GREECE Law and Practice Contributed by: Nikos Nikolinakos, Dina Kouvelou and Alexis Spyropoulos, Nikolinakos & Partners Law Firm
Greek jurisdiction are required to take appropri - ate measures for the protection of minors and for the protection of the general public from content with incitement to violence or hatred against groups identified on the basis of race, colour, national or ethnic origin, descent, ances - try, religion, disability, sexual orientation, identity or gender characteristics. With regard to cybersecurity challenges, Law 5160/2024 establishes various obligations for the entities that fall within its scope, such as social networking services. Examples include requirements for: • registration at the relevant register; • implementation of certain cybersecurity risk management measures; and • reporting a significant incident. It should be noted that a proposal for age restric - tion on social media is strongly discussed as an intention of the Greek government for the near future, in the context of an upcoming National Strategy for the Protection of Minors from Inter - net Addiction. However, no official legal frame - work has yet been published. 10.2 Regulatory and Compliance Issues Regulatory Bodies With regard to the obligations arising from the DSA and Article 4 of Law 5099/2024, EETT is designated as the Digital Services Co-ordinator responsible for supervising and co-ordinating intermediary service providers, including social media platforms. The following authorities are also designated as being competent for over - seeing intermediary service providers: • the ESR, regarding issues related to advertis - ing and the protection of minors from risks threatening their safety; and
• the HDPA, concerning matters related to informing users about the manner in which advertisements are displayed and targeted, as well as the protection of minors' personal data. With regard to the obligations arising from Law 4779/2021 on social media network services under the jurisdiction of Greece with regard to their audiovisual content, the competent author - ity is the ESR. With regard to the obligations arising from Law 5160/2024 on cybersecurity issues, the com - petent authority is the National Cybersecurity Authority. Enforcement Powers EETT Under the DSA and Law 5099/2024, EETT may request information from intermediary service providers and from any other person acting for purposes related to their commercial, business or professional activities that may reasonably have knowledge of the alleged infringement. Furthermore, EETT has the authority to order the cessation of infringements and to impose corrective measures on providers, proportional to the infringement. It may also impose a fine or periodic financial penalty, or request the imposi - tion thereof by a judicial authority. HDPA The HDPA has powers such as warnings for potential violations, compliance orders, restric - tion or prohibition of processing, confiscation of equipment and data, and suspension or destruc - tion of records and data to protect personal data. ESR In case of violation of the obligations under Law 4779/2021 concerning social media in the sense
119 CHAMBERS.COM
Powered by FlippingBook